What is the ping of death? Attacks that crash computers
A ping of death (PoD) attack aims to interrupt the regular operation of targeted computers. It causes crashes and freezes by overwhelming the device with large packets.
Surprisingly, the attack does not require drastic measures or highly sophisticated techniques. The ping of death is possible if the attackers know your IP address and your device contains some legacy weaknesses.
Thus, the ping of death floods a device with disformed packets until it can no longer respond to them. Luckily, some practical tips can protect devices from this threat.
What is a ping of death?
The ping of death attack is a malicious attempt to make a computer system crash or freeze. Thus, its intentions and overall techniques help classify it as another DoS () attack. All such threats share the principle of pushing devices, websites, or servers down.
The ping of death stands out from other DDoS attacks in the following ways:
- The attackers flood devices with abnormal packets, exceeding their usual sizes. They get delivered using a simple ping command.
- What is a ping command? Its purpose is to send packets of data to a specific IP address.
- Usually, perpetrators would send a large ping packet to targeted operating systems.
- An oversized ping packet or Internet Control Message Protocol (ICMP) causes flooding to the system. However, the malformed requests get sent in a series of fragment packets. When the system reassembles the packet, it is in danger of crashing or rebooting.
- Computers cannot process packets larger than their capacity, resulting in crashes or the infamous blue screen on Windows.
How ping of death attacks work
We can establish the main steps and procedures that the ping of death attack goes through:
- Ping uses ICMP to check the network status and see if machines are connected to networks. It inspects connectivity by sending echo request packets to a particular IP address.
- Sending a ping packet means that the packet does not exceed 65,535 bytes under normal circumstances.
- If the request is larger, it exceeds the maximum packet length. Then, the ping flood occurs and overwhelms the memory buffers.
- Then, unable to deal with the packets from source machines, devices crash, freeze, or reboot.
Can the ping of death attack still a work
Most operating systems have received updates to combat the ping of death. However, blocking ICMP requests would disrupt specific network processes.
Additionally, the attacks might target any, referring to ports that wait for service network packets.
However, the original ping of death attacks focused on TCP/IP are less likely. It could still be relevant in older operating systems.
A recentalso showcased how oversized ICMP/IP could disrupt the ping operation. Luckily, developers have fixed the affected releases with a patch.
What can occur during a ping of death attack?
The ping of death attempts to push the targeted system offline and halt its operation. Usually, the ping flood can cause the following disruptions:
- Devices become unstable and destabilized.
- Systems experience sudden freezes and crashes.
- Computers initiate unauthorized reboots.
Protect against the ping of death
The chances are that your system has protection against the ping of death. Software flaws are uncovered daily. Developers should promptly address these errors.
If you want to increase your immunity against the ping of death attack, see the viability of some popular recommendations:
- You could instruct firewalls to block ICMP ping messages. However, it might present other issues. Furthermore, malformed packets could end up focusing on other listening ports instead.
- It is possible to block fragmented pings, which would prevent the ping of death. In this option, the standard ping packets would still successfully reach devices.
- Do not forget to update software and operating systems to resolve issues as soon as possible.
- Prevention solutions to stop Distributed Denial of Service (DDoS) attacks might also help against the computer or system overload.